IT Cybersecurity Specialist

Full Job Description

This position is located with BPA, in the Cyber Assessment, Verification, Remediation & Reporting (JBC) group of the Cyber Security Office (JB), Information Technology (J).

A successful candidate in this position will serve as a senior Information Assurance Officer on the Cyber Security Assessment & (CVA) Team, supporting the security of agency cyber-IT/OT resources & networks & ensuring compliance with applicable federal laws, regulations, & agency directives & policies.

BASIC REQUIREMENT: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.

For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below.

The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

To meet this requirement, you must demonstrate proficiency in each of the four competencies listed above as follows: GS-13: Advanced - You can perform the actions associated with each of these competencies without assistance.

You are recognized within your immediate organization as "a person to ask" when difficult questions arise regarding each of these competencies.

Focus is on broad organizational/professional issues; You have consistently provided practical/relevant ideas and perspectives on process or practice improvements which may easily be implemented; You are capable of coaching others in the application of each of these competencies by translating complex nuances relating to each competency into easy to understand terms; You participate in senior level discussions regarding these competencies; You assist in the development of reference and resource materials in these competencies.

SPECIALIZED EXPERIENCE REQUIREMENTS: A qualified candidate's resume must demonstrate at least one year of specialized experience equivalent to the next lower grade level (GS-12) in the Federal service.

Specialized experience is defined as experience in 1) leading comprehensive cybersecurity assessments, identifying vulnerabilities and overseeing remediation; 2) demonstrated project management skills and leadership; 3) maintaining assessment documentation, security reports, and technical testing results; 4) translating complex IT security concepts and policies for non-technical audiences; and 5) familiarity with Information Security Continuous Monitoring (ISCM) programs.

"Experience" refers to paid and unpaid experience.

Examples of qualifying unpaid experience may include volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations.

Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. You must meet all qualifications and eligibility requirements by the closing date of this announcement.

Major Duties:

As an IT Cybersecurity Specialist, you will: Serve as a senior Information Assurance Officer to perform complex, independent cybersecurity assessments, advocate for cybersecurity during systems development and engineering, and provide risk analysis upon request, assisting with the interpretations and analysis of North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) implementation.

Serve as a technical expert and advisor on all information systems security, particularly policy and compliance issues; continually participate in reviews and assess all aspects of policy and compliance including compliance with industry standards and guidelines.

Support the implementation and management of an effective BPA-wide Cyber Security program and all cyber security programs assigned to JBC.

Integrate information systems security with other security disciplines, manage systems, network, device, and common control provider assessment and authorization activities and ensure coordination and/or collaboration on security activities, including briefing the Authorizing Official and presenting the recommendation of the Office of Cyber Security.

Serve as the lead Information Assurance Officer in the CVA, for all members of JBC, at all grade levels, to develop and maintain processes, procedures, documentation, and metrics for the assessment and authorization process.

Lead the team in identifying, distributing and balancing workload and tasks among employees in accordance with established workflow, skill level and/or occupational specialization; making adjustments to accomplish the workload in accordance with established priorities to ensure timely accomplishment of assigned team tasks; and ensuring that each employee has an integral role in developing the final team product.